Quote:
Originally Posted by Natsheh
That's actually what I did, but he didn't explain properly how he managed to obtain and recognize the Windows signature.
But I will surely use the regamedll engine as a reference, despite knowing the signatures will differ from the regular gamedll.
You are missing the point. Again, you do not go into the Windows DLL, just look at random functions and figure out what they do. Do not do that, you are approaching the problem from the wrong end.
Figure out what plugin you want to do, check regamedll (not the dll files, the source code on GitHub: https://github.com/s1lentq/ReGameDLL...regamedll/dlls), understand the game functions that are related to what you want to do. Check the source code from regamedll to see if the function is using strings or not (see my previous post about what to do if they have/do not have strings).
Then you just build a signature of bytes for your function and do whatever you want to do with it. You can press F5 in IDA to get a C code translation from the assembly, it will help you see if you got the right function.
You don't need to know assembly to be able to use orpheu.
I could write a step-by-step tutorial about how to identify functions (with examples). Wanted to write one for a long time, but figured no one would be interested.
__________________
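Added example, not part of the post above and not Orpheu's or ReGameDLL's code: a small matcher showing why a byte signature wildcards the bytes that change between builds and has to match exactly one place in the module. The `?` text notation, the function names and the sample bytes are assumptions constructed for illustration.

```python
# Added example: wildcard byte-signature matching over a constructed buffer.
# The "AA BB ?" text notation is an assumption for illustration, not Orpheu's
# own signature file format.

WILDCARD = None


def parse_signature(text):
    """Turn '55 8B EC ? ?' into [0x55, 0x8B, 0xEC, None, None]."""
    pattern = []
    for token in text.split():
        if token in ("?", "??"):
            pattern.append(WILDCARD)
        else:
            value = int(token, 16)
            if not 0 <= value <= 0xFF:
                raise ValueError(f"not a byte: {token!r}")
            pattern.append(value)
    if not pattern or pattern[0] is WILDCARD:
        raise ValueError("signature must start with a fixed byte")
    return pattern


def find_all(image, pattern):
    """Return every offset in image where pattern matches."""
    hits = []
    first = bytes([pattern[0]])
    pos = image.find(first)
    while pos != -1 and pos + len(pattern) <= len(image):
        window = image[pos:pos + len(pattern)]
        if all(p is WILDCARD or p == b for p, b in zip(pattern, window)):
            hits.append(pos)
        pos = image.find(first, pos + 1)
    return hits


def is_unique(image, text):
    """A signature is only usable if it matches exactly one location."""
    return len(find_all(image, parse_signature(text))) == 1


# Constructed sample "module": two functions sharing a prologue, each with a
# relative CALL whose 4 operand bytes would change between builds.
FUNC_A = bytes.fromhex("558bec83ec10e8112233448b45085dc3")
FUNC_B = bytes.fromhex("558bec83ec10e8556677888b450c5dc3")
IMAGE = b"\xcc" * 4 + FUNC_A + b"\xcc" * 4 + FUNC_B

PROLOGUE_ONLY = "55 8B EC 83 EC 10"
FUNC_B_SIG = "55 8B EC 83 EC 10 E8 ? ? ? ? 8B 45 0C"
```

The prologue alone matches both constructed functions, so it cannot identify either one; extending it past the wildcarded call operand to a byte that differs makes it unique.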